674979df8d4e6f10e79fe4c176185bb783c9f606efc4bea414432f1728bdf0a8N

Sharing

Copy URL Twitter E-mail

General

Target

674979df8d4e6f10e79fe4c176185bb783c9f606efc4bea414432f1728bdf0a8N
Size

106KB
MD5

e2257b45e6aad874eac22df3223e4cc0
SHA1

5334c6a0c0d15aac2881bd2addb4c8569db07ce8
SHA256

674979df8d4e6f10e79fe4c176185bb783c9f606efc4bea414432f1728bdf0a8
SHA512

79f8d28f913ae6005fb431609a28a4680d9ca43cda5a4181231ed2dd5e48327898d39f18ea4a26cf81f967d28f8202c05ee5a7eb1658aa75b6722e116dd2af00
SSDEEP

1536:cbntFI9cuKUskpKB68uR0xTN2s+zheW6BVrqzCJ3bdDY+W14N4NmzWlIA7hKRQCm:c5oHslB9T2lQBV+UdE+rECWp7hKPIPzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
674979df8d4e6f10e79fe4c176185bb783c9f606efc4bea414432f1728bdf0a8N

Files

674979df8d4e6f10e79fe4c176185bb783c9f606efc4bea414432f1728bdf0a8N
.exe windows:4 windows x86 arch:x86

391bba75454cdd46d52ce1dba26766f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemInfo
GetUserDefaultLangID
GetVersion
GlobalMemoryStatusEx
HeapAlloc
HeapFree
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ExitThread
GetFileSize
RtlZeroMemory
SetFilePointer
SetPriorityClass
SetThreadPriority
Sleep
TerminateProcess
TerminateThread
VirtualAlloc
VirtualFree
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
ExitProcess
CreateThread
CreateProcessA
CreateFileMappingA
GetCurrentThread
GetCurrentProcess
GetCompressedFileSizeA
GetCommandLineA
CreateFileA
CloseHandle

user32

MessageBoxA
LoadIconA
GetWindowRect
GetWindowLongA
GetSysColor
SendMessageA
SetDlgItemTextA
GetDlgItem
GetDlgCtrlID
DialogBoxParamA
wsprintfA
SetWindowLongA
SetWindowPos
SetForegroundWindow
SetWindowTextA
SetTimer

comctl32

InitCommonControls
InitCommonControlsEx

gdi32

CreateFontA
SetBkMode
SetTextColor
CreateSolidBrush

shell32

ShellExecuteA

advapi32

RegQueryValueExA
LsaOpenPolicy
RegOpenKeyExA

winmm

timeGetTime

ntdll

ZwQuerySystemInformation

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

391bba75454cdd46d52ce1dba26766f7

Headers

File Characteristics

Imports

kernel32

user32

comctl32

gdi32

shell32

advapi32

winmm

ntdll

ole32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 16KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 5KB - Virtual size: 4KB